[Secure-testing-commits] r2522 - data/CVE

Joey Hess joeyh at costa.debian.org
Thu Oct 20 21:14:24 UTC 2005 

Author: joeyh
Date: 2005-10-20 21:14:18 +0000 (Thu, 20 Oct 2005)
New Revision: 2522

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-10-20 17:50:54 UTC (rev 2521)
+++ data/CVE/list	2005-10-20 21:14:18 UTC (rev 2522)
@@ -2,7 +2,7 @@
 	- mantis <unfixed> (bug #330682; unknown)
 CVE-2005-XXXX [Filter information disclosure in mantis]
 	- mantis <unfixed> (bug #330682; low)
-CVE-2005-3258 (The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier ...)
+CVE-2005-3258
 	- squid <unfixed> (bug #334882; medium)
 CVE-2005-XXXX [Lots of vulnerabilities in ethereal]
 	- ethereal <unfixed> (bug #334880; medium)
@@ -320,6 +320,7 @@
 	RESERVED
 CVE-2005-3121 [Insecure temp file generation in module-assistant]
 	RESERVED
+	{DSA-867-1}
 	- module-assistant 0.9.10
 	TODO: Check, whether this version really fixes the issue, it's not mentioned in the changelog
 CVE-2005-3120 (Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and ...)
@@ -489,6 +490,7 @@
 CVE-2005-3088
 	RESERVED
 CVE-2005-3111 (The handler code for backupninja 0.8 and earlier creates temporary ...)
+	{DSA-827-1}
 	- backupninja 0.8-2 (medium)
 CVE-2005-XXXX [microcode.ctl downloads microcode w/o user confirmation]
 	- microcode.ctl <unfixed> (bug #282583; low)
@@ -781,6 +783,7 @@
 CVE-2005-2970
 	RESERVED
 CVE-2005-2969 (The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and ...)
+	{DSA-868-1}
 	- openssl 0.9.8-3 (bug #333500; low)
 	- openssl097 0.9.7g-5 (bug #333500; low)
 	- openssl094 <removed>
@@ -1010,7 +1013,7 @@
 CVE-2005-2874 (The is_path_absolute function in scheduler/client.c for the daemon in ...)
 	- cupsys 1.1.23-1 (unknown)
 CVE-2005-2871 (Buffer overflow in the International Domain Name (IDN) support in ...)
-	{DSA-837-1}
+	{DSA-868-1 DSA-866-1 DSA-837-1}
 	- mozilla-firefox 1.0.6-5 (bug #327452; bug #327802; medium)
 	- mozilla 2:1.7.12-1 (bug #327455; medium)
 	NOTE: epiphany-browser is apparently fixed fix the mozilla-browser
@@ -1354,31 +1357,31 @@
 CVE-2005-2708
 	RESERVED
 CVE-2005-2707 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
 	- mozilla 2:1.7.12-1 (medium)
 CVE-2005-2706 (Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
 	- mozilla 2:1.7.12-1 (high)
 CVE-2005-2705 (Integer overflow in the JavaScript engine in Firefox before 1.0.7 and ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
 	- mozilla 2:1.7.12-1 (high)
 CVE-2005-2704 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
 	- mozilla 2:1.7.12-1 (medium)
 CVE-2005-2703 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
 	- mozilla (medium)
 CVE-2005-2702 (Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; high)
 	- mozilla 2:1.7.12-1 (high)
 CVE-2005-2701 (Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite ...)
-	{DSA-838-1}
+	{DSA-868-1 DSA-866-1 DSA-838-1}
 	- mozilla-firefox 1.0.7-1 (bug #329778; medium)
 	- mozilla 2:1.7.12-1 (bug #329778; medium)
 CVE-2005-2700 (ssl_engine_kernel.c in mod_ssl before 2.8.24, when using ...)
@@ -2497,8 +2500,10 @@
 CVE-2005-XXXX [clamav-getfile: Insecure use of temporary files]
 	- clamav-getfiles 0.5-1 (bug #321446; medium)
 CVE-2005-3254 (The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect ...)
+	{DTSA-6-1}
 	- cgiwrap 3.9-3.1 (bug #316881; low)
 CVE-2005-3255 (The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian ...)
+	{DTSA-6-1}
 	- cgiwrap 3.9-3.1 (bug #316901; low)
 CVE-2004-2162 (Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow ...)
 	- tutos 1.1.20031017-2.1 (bug #318633; medium)
@@ -3956,7 +3961,6 @@
 	- cupsys 1.1.20final+rc1-1 (low)
 CVE-2005-2116
 	REJECTED
-	{DSA-745-1}
 CVE-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)
 	NOT-FOR-US: Soldier of Fortune
 CVE-2005-2114 (Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and ...)

More information about the Secure-testing-commits mailing list